IT Governance

MARCH 27, 2018

Businesses are starting to panic as they try to comply with the General Data Protection Regulation (GDPR) before the May 2018 deadline. Many even believe that the GDPR won’t apply to them because they have fewer than 250 employees. Our small business guide to the GDPR should help clarify some of the key factors affecting SMEs.

GDPR 77

GDPR Compliance Personal data Information Security 77

IT Governance

OCTOBER 15, 2019

Any organisation that’s required to comply with the GDPR (General Data Protection Regulation) must conduct regular risk assessments. However, the GDPR is clear that data is also vulnerable to accidental or unlawful destruction, loss or disclosure. The GDPR risk assessment methodology. Get started with vsRisk.

GDPR 71

GDPR Risk Compliance Personal data 71

AIIM

JULY 24, 2018

You might also be interested in: The Re-Permissioning Dilemma Under GDPR. Data Privacy and Open Data: Secondary Uses under GDPR. Three Critical Steps for GDPR Compliance. Mitigate Data Privacy and Security Risks with Machine Learning. The Privacy and Security Dichotomy. GDPR Compliance Starts with Data Discovery.

GDPR 83

GDPR Compliance Privacy Data Privacy 83

IT Governance

AUGUST 2, 2019

If you think that charities might be shown lenience under the GDPR (General Data Protection Regulation) , you’re wrong. This is a lesson that the transgender advocacy charity Mermaids learned recently , after it accidentally made internal emails containing confidential client information available online. GDPR exemptions for charities.

GDPR 56

GDPR Compliance Personal data Risk 56

Hunton Privacy

JANUARY 26, 2022

On November 14, 2021, the Cyberspace Administration of China (“CAC”) released for public comment its draft Regulations on Network Data Security Management (the “Draft Regulations”). The Draft Regulations also will require the data handler to report a data breach to the Public Security Bureau if the breach involves a suspected crime.

Security 116

Security Data breaches Personal data Cybersecurity 116

IT Governance

JANUARY 1, 2019

The stakes were raised with the enforcement of the EU GDPR (General Data Protection Regulation) in May 2018. It demands adequate security measures and has been widely publicised, as it has the potential to levy large fines against non-compliant organisations. GDPR Data Breach Support Service. DPO as a service (GDPR).

Data breaches 109

Data breaches GDPR Information Security Risk 109

IT Governance

OCTOBER 8, 2018

The stakes were raised with the introduction of the EU GDPR (General Data Protection Regulation) in May 2018. For example, you might know that you need to improve your staff awareness programme, but you might not know how to do that. Information Security Staff Awareness E-Learning Course. Penetration testing.

Data breaches 109

Data breaches GDPR Information Security Risk 109

Hunton Privacy

APRIL 19, 2021

If the adequacy decision is adopted, transfers of personal data from the EU to the UK may continue following the end of the post-Brexit transition period without the implementation of a data transfer mechanism under the EU General Data Protection Regulation (“GDPR”), such as Standard Contractual Clauses.

GDPR 81

GDPR Personal data Access Security 81

Hunton Privacy

DECEMBER 15, 2017

Recently, the EU’s Article 29 Working Party (the “Working Party”) adopted guidelines (the “Guidance”) on the meaning of consent under the EU General Data Protection Regulation (“GDPR”). The Guidance provides further detail on what is necessary to ensure that consent satisfies the requirements of the GDPR: Freely given.

GDPR 63

GDPR Personal data Risk Compliance 63

IT Governance

DECEMBER 13, 2018

This is the deadline given to you under the EU GDPR (General Data Protection Regulation) to report information security incidents to your supervisory authority. Most breaches fit into this category, but not all of them. This will depend on the information that was compromised. Originally published 24 October 2018.

Data breaches 110

Data breaches GDPR Personal data Compliance 110

Hunton Privacy

MARCH 17, 2017

On March 15, 2017, the French data protection authority (the “CNIL”) published a six step methodology and tools for businesses to prepare for the EU General Data Protection Regulation (“GDPR”) that will become applicable on May 25, 2018. This will allow them to be one step ahead and better organized to comply with the upcoming GDPR.

GDPR 75

GDPR Personal data Compliance Privacy 75

IT Governance

OCTOBER 24, 2018

This is the deadline given to you under the EU GDPR (General Data Protection Regulation) to report information security incidents to your supervisory authority. Most breaches fit into this category, but not all of them. This will depend on the information that was compromised. Are you ready for a breach?

Data breaches 110

Data breaches GDPR Compliance Personal data 110

IT Governance

FEBRUARY 19, 2019

Buckinghamshire-based housing developer Magnacrest has been fined for failing to respond to DSARs (data subject access requests) , giving organisations a fresh reminder of the importance of the public’s legal rights to review the information that’s processed about them. The categories of personal data involved.

Access 91

Access GDPR Personal data Compliance 91

Data Protection Report

MAY 23, 2018

The wait is finally over—this Friday the European Union General Data Protection Regulation (GDPR) will come into force. However, the challenges of GDPR certainly don’t end on the date this law goes into implementation. Many of our clients ask us when and how they may be called upon to demonstrate compliance with the GDPR.

GDPR 40

GDPR Personal data Compliance Data breaches 40

Security Affairs

MAY 12, 2021

After the introduction of CCPA and GDPR, much more attention is given to third-party risks, and the privacy terms and conditions users agree to. Global privacy regulations, such as the CCPA and GDPR, were enacted to ensure stricter standards when handling the personal data of consumers.

GDPR 83

GDPR Privacy Personal data Data breaches 83

Hunton Privacy

DECEMBER 20, 2017

The Guidelines aim to provide practical guidance and clarification on the transparency obligations introduced by the EU General Data Protection Regulation (“GDPR”). The transparency obligations require controllers to provide certain information to data subjects regarding the processing of their personal data.

GDPR 62

GDPR Personal data Privacy Communications 62

DLA Piper Privacy Matters

NOVEMBER 29, 2021

The guide is in line with the Article 29 Working Party Guidelines on Data Protection Officers (WP 243 rev 01) , but provides additional insights and practical guidance to organizations that designate a DPO in respect of GDPR and French data protection act requirements. Be the point of contact on GDPR issues.

GDPR 116

GDPR Compliance Personal data Communications 116

Security Affairs

JULY 3, 2023

Examples: Customer Personal Identifiable Information, transactional data, inventory records, and financial statements. Examples : emails, social media posts, customer feedback, audio and video files, images, and documents. Semi-Structured Data: Semi-structured data lies between the structured and unstructured categories.

Unstructured data 92

Unstructured data Metadata Encryption Data structuring 92

Data Matters

NOVEMBER 13, 2020

In relation to special categories of personal data (e.g., The draft SCCs are intended to also satisfy the requirements of Article 28(3) of the GDPR (i.e., data concerning health) the data importer must agree to apply additional safeguards adapted to the specific nature of the data and the risks.

Personal data 68

Personal data GDPR Privacy Compliance 68

eSecurity Planet

SEPTEMBER 23, 2022

Securities and Exchange Commission (SEC) strongly advised public companies to improve their cybersecurity. While the new security proposals have not yet become law, cybersecurity managers can begin to prepare metrics and audits that will not only help comply with those laws, but can also help create positive change now.

Cybersecurity 130

Cybersecurity Compliance Risk Communications 130

Hunton Privacy

NOVEMBER 18, 2022

It gives an initial risk level for categories of data and, according to the ICO, has moved the focus to “whether the transfer significantly increases the risk of either a privacy or other human rights breach” as it believes “this captures the key risk to the people the data is about, and is also achievable.”.

Risk 80

Risk Privacy Government Access 80

IT Governance

JULY 26, 2018

But despite increased excitement and relaxed engagement online, it’s important to remember that your media-rich content requires its own SPF (security protection factor) to defend against a costly data-breach burn… especially during the holiday months when your workforce is reduced and your resources are limited. Data breach example.

Data breaches 53

Data breaches GDPR Personal data Government 53

eSecurity Planet

AUGUST 15, 2022

Security Information and Event Management (SIEM) is a crucial enterprise technology that ties the stack of cybersecurity systems together to assess threats and manage risks. ThreatInsight: This security monitoring assessment tool collects logs and gives you insight into your organization’s threats. IBM Security QRadar SIEM.

Analytics 111

Analytics Cloud Compliance Cybersecurity 111

Data Matters

APRIL 7, 2021

In turn, digital health passports are being considered as a means of, for example, facilitating international travel and entry to mass gatherings such as, football matches and music concerts – with the ultimate aim being to speed up the return to “normality” and promote the re-opening of the economy.

Privacy 68

Privacy Personal data Blockchain Artificial Intelligence 68

Collibra

MARCH 12, 2020

The CCPA officially went into effect on January 1, 2020, impacting over 40 million California residents and thousands of businesses who use personal information (PI) around the globe. Consumers can ask businesses what categories of their PI is being collected. Businesses must provide clear notice about categories of PI it collects.

Data Privacy 59

Data Privacy Privacy Government Compliance 59

Hunton Privacy

JUNE 15, 2023

The list of high-risk systems in the EP’s Position, for example, includes certain AI systems used by large social media platforms to recommend content to users. Particularly relevant is the introduction of a GDPR-like right to lodge a complaint with a supervisory authority. Read the EP’s Position.

Risk 55

Risk Artificial Intelligence Compliance GDPR 55

eSecurity Planet

DECEMBER 9, 2021

We make IT, security, or any business decision by weighing the risks and the rewards. Or as is often the case with security, what costs can we skip and still escape big penalties later? For example, we might nominate: The IT security manager to handle a ransomware incident; Our external accountant to investigate financial fraud; or.

Insurance 122

Insurance Ransomware Data breaches Cloud 122

Hunton Privacy

DECEMBER 7, 2017

On December 1, 2017, the Centre for Information Policy Leadership (“CIPL”) at Hunton & Williams LLP submitted formal comments to the Article 29 Working Party (the “Working Party”) on its Guidelines on Personal Data Breach Notification (the “Guidelines”).

Data breaches 45

Data breaches Personal data GDPR Risk 45